Tag: unitedstates
9 articles

WestJet Notifies Americans of Exclusive Data Breach Risk
WestJet told U.S. customers that a criminal intrusion discovered in June may have exposed personal and loyalty-account information—potentially affecting hundreds of thousands to over a million travelers—and has raised tough questions about who safeguards the sensitive travel data airlines collect. More than an operational headache, the breach highlights how legacy systems and third‑party connections can turn travel records into prime targets for phishing and identity fraud.

Cryptocurrency ATMs: Risky Reality, Must-Have Alerts
Cryptocurrency ATMs offer quick, cash-to-crypto convenience—but their speed and perceived anonymity make them prime tools for scammers and regulatory headaches, so investors should scrutinize fees, compliance, and fraud controls before betting on the sector.

automated license-plate readers: Stunning Privacy Risk
Retired Navy veteran Lee Schmidt and co-plaintiff Crystal Arrington say they were tracked hundreds of times by Flock’s automated license-plate readers, sparking a federal lawsuit that asks whether neighborhood safety tools have quietly become mass surveillance. As courts and communities wrestle with warrantless access, the case highlights how searchable location logs can map our every move — and why many call for stronger limits and transparency.

healthcare data Stunning Breach: Worst Risk to 850K
Imagine the place you trust with your most private health details becoming an unlocked door — more than 850,000 Americans now face that reality after three medical centers had records, billing data, and sensitive clinical notes stolen. This wake-up call shows healthcare systems must strengthen defenses while patients stay alert and protect their information.

Scattered Spider Stunning Bank Breach — Risky Alert
Think they’d really retired? Scattered Spider quietly retooled and hit a U.S. bank, proving public retirements can be misdirection and that banks must move beyond checklist security to stay ahead.

data poisoning: Stunning Dangerous Surge in Firms
New research shows about one in four UK and US firms have faced data poisoning attempts that corrupt AI training data — a stealthy threat that can make models misbehave, leak sensitive information, or embed persistent backdoors. It’s a wake-up call: protecting AI means treating data integrity as a first-line defense.

attacker surveillance: Exclusive Risky Ethics Debate
Huntress’s cheeky description of an attacker “on a silver platter” has split infosec — praised by some as a rare, practical learning moment and criticized by others for risking privacy, investigative integrity, and even giving attackers tips. The debate highlights a bigger question: how can defenders share real-world lessons widely without creating new vulnerabilities or harming victims?

Salty2FA: Exclusive Dangerous Phishing Threat
A new phishing kit called Salty2FA is turning multi-factor authentication into an exploitable step, automating interception of codes, cookies, and push prompts to bypass SMS and app-based 2FA. Organizations should treat 2FA as an architecture—move to phishing-resistant methods like FIDO2, tighten session controls, and ramp up detection before attackers rent this tool and hit your users.

data breach: Stunning Risky Leak Hits 4.5M
TransUnion says a vendor’s hacked app exposed data for about 4.5 million U.S. consumers — a stark reminder that third-party flaws can put your most sensitive financial information at risk. If you’re affected, check your credit, consider freezes or alerts, and watch for notifications about monitoring and identity restoration.